Management of AD CS

Active Directory Certificate Services role services are managed by using MMC snap-ins. The following table lists the tools you have used throughout this lessons, most of which are available from within Server Manager. Use the buttons below to navigate through the lesson The snap-ins listed in table can be installed by using Server Manager and…

Read More

Configuring an Online Responder

If you decided to use online responders, you will need to finalize their configuration. Online responders can create an array of systems to provide high availability for the service. An array can be as simple as two CAs acting as ORs (Online Responders), or it can include many more servers. Use the buttons below to…

Read More

Configuring Enrollment

Now you’re ready to configure enrollment. This is done through Group Policy. You can choose either to create a new Group Policy for this purpose or to modify an existing Group Policy object. This policy must be assigned to all members of the domain; therefore, the Default Domain Policy might be your best choice or,…

Read More

Configuring and Personalizing Certificate Templates

Certificate templates are used to generate the certificates you will use in your AD CS configuration. Enterprise CAs use version 2 and 3 templates. These templates are configurable and enable you to personalize them. Use the buttons below to navigate through the lesson To prepare templates for various uses, you must first configure each template you…

Read More

Configuring and Using Active Directory Certificate Services

After you have deployed your servers, you still need to complete several configurations to begin using them to issue and manage certificates to users and devices. Several activities are required: Use the buttons below to navigate through the lesson To issue and maintain certificates, you must finalize the configuration of your issuing CAs. For your…

Read More

Obtain and Install the Issuing CA Certificate

Now, you will obtain the certificate to complete the installation of the issuing CA. You should normally perform this procedure offline using a removable storage device such as a floppy disk or a USB flash drive, but for the purpose of this exercise, you will use a shared folder to transfer the certificate request and…

Read More

Install AD CS as an Enterprise Issuing CA

Right click Roles. Select Add Roles. Click Next. Select Active Directory Certificate Services and click Next. Click Next. Use the buttons below to navigate through the lesson Select Certification Authority and Online Responder and click Next. When Online Responder is selected Web role services need to be added as well. Click Add required Role Services. Click Next. Select Enterprise and…

Read More

Installing Certificate Services Windows 2008

In most cases, you will install at least a two-tiered structure, installing first a standalone, then an enterprise CA. In larger organizations, you will deploy several tiers and install several servers in each tier except for the root. Servers hosting the AD CS role should be configured with the following capabilities whether they are physical or…

Read More

Certificates Overview

Public Key Infrastructure (PKI) is implemented in Windows  in the form of certificate services. Certificates can be used to provide both authentication and encryption for a Windows network. Use the buttons below to navigate through the lesson A certificate contains a public key and a set of attributes, like the user’s name and e-mail address.…

Read More